Andal.LND/edx-platform
6
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
441d2e44b9457817bf9d2e052d160bc2e3effc2a
edx-platform/lms/templates
History
Adeel Khan 298d3554fe Fix templates for XSS code injection via translations 
This would patch all templates (django/mako)
for a possible XSS code injection via
translation files by html escaping them..

LEARNER-4632
2019-06-25 14:22:42 +05:00
..
admin
Fix templates for XSS code injection via translations
2019-06-25 14:22:42 +05:00
api_admin
updated effective date
2018-07-04 15:15:18 +05:00
calculator
TE-2702 Update Read the Docs links to HTTPS
2018-08-15 17:34:01 -04:00
ccx
Convert instructor email messages to ACE
2018-09-25 17:51:10 +03:00
certificates
TE-2702 Update Read the Docs links to HTTPS
2018-08-15 17:34:01 -04:00
class_dashboard
s/django.core.urlresolvers/django.urls/g
2018-06-05 13:59:09 -04:00
commerce
SOL-1868: Receipt page should show the "Go To Dashboard" button in case of non-verified courses
2016-08-05 19:16:07 +05:00
components
Updates to correct a header styling issue and to make the starting header level selectable
2017-03-20 08:37:33 -04:00
course_modes
update local currency code
2019-06-05 15:46:16 -04:00
courseware
applying filter to remove dangerous html content before rendering in
2019-06-21 16:06:26 +05:00
credit_notifications
DOC-3822 Make 2 steps more obvious in credit eligible email
2017-11-15 15:15:13 -05:00
dashboard
Merge pull request #16496 from open-craft/josh/announcements-feature
2019-03-18 16:04:38 -04:00
debug
discovery
Remove old program detail page and Waffle switch gating the new page
2017-05-15 16:35:03 -04:00
discussion
Discussion consolidation: quality
2019-05-03 12:09:47 -04:00
edxnotes
s/django.core.urlresolvers/django.urls/g
2018-06-05 13:59:09 -04:00
emails
Revert "Convert Account Activation Emails to edx-ACE"
2019-05-01 16:30:09 -04:00
embargo
enrollment
Fix recent enrollment message and multiple donation boxes.
2017-08-11 17:35:25 +05:00
experiments
REVEM-374 Remove course prices from dashboard (#20856)
2019-06-24 08:56:05 -04:00
fields
ENT-1115
2018-12-18 16:46:16 -05:00
financial-assistance
s/django.core.urlresolvers/django.urls/g
2018-06-05 13:59:09 -04:00
fragments
Implement theme admin UI to support previewing
2017-07-27 17:24:31 -04:00
header
Add Discover New link to LMS header. (#20875)
2019-06-21 15:41:06 -04:00
instructor
DE-1479, update instructor dash verbiage for reports
2019-05-13 13:05:06 -04:00
learner_dashboard
Fix event tracking for pathway buttons.
2018-09-05 12:30:16 -04:00
modal
s/django.core.urlresolvers/django.urls/g
2018-06-05 13:59:09 -04:00
navigation
Removing the Deprecated the 'external_auth' package in favor of 'third_party_auth' which is the current recommendation.
2019-03-02 16:06:46 -05:00
oauth2_provider
Fix templates for XSS code injection via translations
2019-06-25 14:22:42 +05:00
peer_grading
provider
s/django.core.urlresolvers/django.urls/g
2018-06-05 13:59:09 -04:00
registration
Escape validation error messages on reset password page.
2018-09-13 16:28:52 +05:00
shoppingcart
Fix templates for XSS code injection via translations
2019-06-25 14:22:42 +05:00
static_templates
Added ability to change header and content of static pages in two ways.
2018-03-24 21:37:09 +01:00
student_account
Change button text for creating account
2019-06-05 15:18:45 -07:00
support
Fix templates for XSS code injection via translations
2019-06-25 14:22:42 +05:00
survey
s/django.core.urlresolvers/django.urls/g
2018-06-05 13:59:09 -04:00
ux/reference
LEARNER-3128 add role=presentation to sequence nav list items
2017-12-06 08:38:56 -05:00
verify_student
Remove extra quotation mark from template
2019-05-02 11:48:14 +05:00
widgets
Update edx.org theme to add new css rule
2019-04-22 14:15:16 +05:00
wiki
Fix templates for XSS code injection via translations
2019-06-25 14:22:42 +05:00
_gated_content.html
added radio input fields to pre-requisite selection
2018-05-30 11:25:59 +05:00
.gitignore
.hgignore
annotatable.html
book_toc.xml
bookmark_button.html
s/django.core.urlresolvers/django.urls/g
2018-06-05 13:59:09 -04:00
conditional_ajax.html
conditional_module.html
s/django.core.urlresolvers/django.urls/g
2018-06-05 13:59:09 -04:00
course.html
Fix date format
2019-02-21 20:29:08 -04:00
courses_list.html
Fix search to show courses one time
2019-04-29 12:07:56 +05:00
dashboard.html
Move dashboard_metadata to edX theme template.
2019-03-11 17:32:05 -04:00
edit_unit_link.html
Fix templates for XSS code injection via translations
2019-06-25 14:22:42 +05:00
email_change_failed.html
PLAT-1976 Add waffle switch to block auth_user write attempts
2018-02-28 13:13:06 -05:00
email_change_successful.html
s/django.core.urlresolvers/django.urls/g
2018-06-05 13:59:09 -04:00
email_exists.html
enroll_staff.html
add context to 'enroll' word
2018-02-13 11:56:54 +02:00
enroll_students.html
extauth_failure.html
feedback_email.txt
file-upload.underscore
footer.html
Mark alt text for translation
2019-05-30 07:40:23 -07:00
forgot_password_modal.html
s/django.core.urlresolvers/django.urls/g
2018-06-05 13:59:09 -04:00
header.html
Adding unified, responsive header.
2017-10-20 16:24:31 -04:00
help_modal.html
s/django.core.urlresolvers/django.urls/g
2018-06-05 13:59:09 -04:00
hidden_content.html
Revert "Merge pull request #14324 from edx/efischer/revertins"
2017-01-18 10:56:13 -05:00
identity.xml
index_overlay.html
Use PLATFORM_NAME on the home page
2019-05-22 17:39:00 -04:00
index_promo_video.html
Move default Promo Video html to themable file
2018-01-19 12:51:15 -08:00
index.html
s/django.core.urlresolvers/django.urls/g
2018-06-05 13:59:09 -04:00
invalid_email_key.html
library-block-author-preview-header.html
login-sidebar.html
Removing the Deprecated the 'external_auth' package in favor of 'third_party_auth' which is the current recommendation.
2019-03-02 16:06:46 -05:00
login.html
Remove Remember me button from login page
2019-06-18 17:30:37 +05:00
logout.html
Fix templates for XSS code injection via translations
2019-06-25 14:22:42 +05:00
lti_form.html
Fix templates for XSS code injection via translations
2019-06-25 14:22:42 +05:00
lti.html
Update lti iframe in platform & xblock github version
2018-02-12 09:36:06 -05:00
main_django.html
Fix templates for XSS code injection via translations
2019-06-25 14:22:42 +05:00
main.html
Merge pull request #16496 from open-craft/josh/announcements-feature
2019-03-18 16:04:38 -04:00
manage_user_standing.html
s/django.core.urlresolvers/django.urls/g
2018-06-05 13:59:09 -04:00
module-error.html
Import Issue.
2017-11-02 15:01:17 -04:00
notes.html
Fix templates for XSS code injection via translations
2019-06-25 14:22:42 +05:00
page_banner.html
Fix content gating a11y issues
2018-12-03 23:26:47 -05:00
pdf_viewer.html
Allow zooming, fix button link.
2016-10-28 09:53:54 -04:00
poll.html
preview_menu.html
REVE-103: Fix masquerade for feature based enrollments
2018-12-03 12:05:00 -05:00
problem_ajax.html
Add FA loading spinner to each problem
2018-01-19 11:28:10 -08:00
problem_notifications.html
Changes for ui correctness state when saving a problem
2016-11-16 12:30:04 -05:00
problem.html
Move a message to make it extractable
2019-05-28 09:04:25 -04:00
provider_login.html
register-form.html
Adding 'visible' field for SSO providers
2016-09-08 11:27:09 -04:00
register-shib.html
Fix templates for XSS code injection via translations
2019-06-25 14:22:42 +05:00
register-sidebar.html
s/django.core.urlresolvers/django.urls/g
2018-06-05 13:59:09 -04:00
register.html
Fix templates for XSS code injection via translations
2019-06-25 14:22:42 +05:00
resubscribe.html
Fix templates for XSS code injection via translations
2019-06-25 14:22:42 +05:00
secondary_email_change_failed.html
Verification by email of recovery address.
2018-12-27 18:51:55 +05:00
secondary_email_change_successful.html
Verification by email of recovery address.
2018-12-27 18:51:55 +05:00
seq_module.html
Augment content_type_gating tests to detect the failure case from the original REVMI-34 implementation
2019-05-16 15:17:33 -04:00
signup_modal.html
Fix templates for XSS code injection via translations
2019-06-25 14:22:42 +05:00
split_test_author_view.html
split_test_staff_view.html
split_test_student_view.html
staff_problem_info.html
TE-2646 Use headless Chrome for a11y tests
2018-08-28 17:26:26 -04:00
static_htmlbook.html
Remove the annotations feature introduced by Harvard.
2018-07-16 16:55:08 -04:00
static_pdfbook.html
AC-530 fixing link-href ignores in the platform
2016-08-19 10:04:40 -04:00
staticbook.html
studio_render_children_view.html
studio_render_paged_children_view.html
sysadmin_dashboard_gitlogs.html
s/django.core.urlresolvers/django.urls/g
2018-06-05 13:59:09 -04:00
sysadmin_dashboard.html
Fix templates for XSS code injection via translations
2019-06-25 14:22:42 +05:00
tab_module.html
text-me-the-app.html
Create custom Text Me the App landing page.
2017-12-13 17:10:32 +05:00
tracking_log.html
unsubscribe.html
s/django.core.urlresolvers/django.urls/g
2018-06-05 13:59:09 -04:00
user_dropdown.html
s/django.core.urlresolvers/django.urls/g
2018-06-05 13:59:09 -04:00
using.html
vert_module.html
Add Content Type Gating Behind Waffle Flag
2018-10-31 12:34:48 -04:00
video_modal.html
AC-520 fixing section ignores
2016-07-06 15:01:44 -04:00
video.html
Adds a course option to auto-advance videos.
2017-12-21 21:06:05 +10:30
word_cloud.html
Switch to dedicated student/author views.
2016-11-16 13:10:52 -05:00
xrds.xml